Presented by Martin Šimek Ransomware, Internet of Things and Botnets vs. Control.

Presentation transcript:


Agenda
- Ransomware
- The Internet of Things
- Botnets

Ransomware

Ransomware – definition
- Ransom
  → The practice of holding a prisoner or item to extort money to secure their release.
- Ransomware
  → Malicious software holding your files as prisoners to extort money to secure their release.

Cryptolocker
- Encrypts your files
  → Files are present but unreadable
  → No need of transfer and remote storage
  → Files can be decrypted only by private key
- You must pay money to get the key
  → Bitcoins
  → TOR sites

Cryptolocker – infection “Image: works.jpeg” ransomware-spreads-and-how-it-works.html

Cryptolocker – Fake update site

Cryptolocker – Ramification

Cryptolocker – sequels

Ransomware – workstation protection
- Up-to-date antivirus
  → E-mails and websites are transferred encrypted
  → Endpoint workstation can see them plain
- Up-to-date software
  → Zero day vulnerabilities elimination
- Employee training
  → Learn to swim and don't swim in a wild river

Ransomware – webfilter +

Ransomware – Intrusion prevention system

Ransomware – Application awareness

Ransomware – Protocol inspection

Ransomware – Antivirus

The Internet of Things

- Home
  → Wi-Fi router, fridge, lightbulb, printer, extension cord, thermostat
- Business
  → NAS, printer, IP phone, air conditioning, window blinds

The Internet of Things – pitfalls
- Low cost chips, small RAM, unprotected OS
  → No spare resources for self-defense
- Rapid development
  → Small to no focus on security
- Linux based
  → full-featured computer

The Internet of Things – Attack

The Internet of Things – Recovery
- Disconnect the Thing immediately
- Re-flash firmware or replace the Thing
- Set a strong password
- Perform system audit
  → Logs
  → Scan other systems

The Internet of Things – Prevention
- Strong password for Thing's administration
- Update Thing's firmware regularly
- Don’t buy second-hand devices
  → Saving a few euros might not pay off

The Internet of Things – Multiple interfaces

The Internet of Things – Access
- Don't expose Thing's web interface
  → Use VPN to access network behind firewall and then access Thing's web interface locally.
  → If exposing is necessary, use Reverse proxy

The Internet of Things – Reverse Proxy
- Only web port is exposed
- Firewall can see and filter all requests

Botnet

- Set of computers enslaved by malware performing tasks assigned by master
  → Spam, DDoS attack, malware distribution, Bitcoin mining, click fraud, spying on user
- Tasks are issued by command & control center

Botnet – attack “Image:Botnet.svg”

Botnet – recovery
- Scan computers in the LAN with an up-to-date antivirus
- Perform an audit of firewall logs
- Negotiate blacklist removal if botnet operation gets your IP address there

Botnet – prevention
- Forbid access to the Internet underground
  → Webfilter & Content Rules
- Forbid botnet to call home
  → Blacklists, Security rules
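
The firewall-log audit from the recovery slide and the "forbid botnet to call home" blacklist rule from the prevention slide, combined as an added example (not part of the original slides and not any product's own tooling). The log format, the LAN range and the blocklist entries are constructed assumptions; the addresses come from documentation ranges.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed blocklist (documentation address ranges, not real C&C servers).
BLOCKLIST = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.77/32")]
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed internal network

# Constructed log lines in a hypothetical "time action proto src:port -> dst:port" format.
SAMPLE_LOG = """\
2024-05-02T10:00:01 PERMIT TCP 192.168.1.23:51514 -> 93.184.216.34:443
2024-05-02T10:00:07 PERMIT TCP 192.168.1.40:49822 -> 203.0.113.9:6667
2024-05-02T10:00:09 DROP TCP 192.168.1.40:49823 -> 203.0.113.9:6667
2024-05-02T10:01:12 DROP UDP 192.168.1.57:40000 -> 198.51.100.77:53
2024-05-02T10:01:30 PERMIT TCP 198.51.100.77:443 -> 192.168.1.23:51600
malformed line that the parser must skip
2024-05-02T10:02:44 PERMIT TCP 192.168.1.40:49830 -> 203.0.113.200:8080
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>PERMIT|DROP) (?P<proto>\S+) "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

def audit(log_text):
    """Count outbound LAN connections to blocklisted destinations, per LAN host."""
    hits = defaultdict(lambda: {"PERMIT": 0, "DROP": 0, "dests": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not match the expected format
        try:
            src, dst = ipaddress.ip_address(m["src"]), ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # digits and dots that are not a valid IPv4 address
        if src in LAN and any(dst in net for net in BLOCKLIST):
            entry = hits[str(src)]
            entry[m["action"]] += 1
            entry["dests"].add(f"{dst}:{m['dport']}")
    return dict(hits)

def report(hits):
    """Rows of (host, status, permitted, dropped, destinations), permitted hits first."""
    rows = []
    for host, e in sorted(hits.items(), key=lambda kv: -kv[1]["PERMIT"]):
        status = "RULE GAP" if e["PERMIT"] else "blocked"
        rows.append((host, status, e["PERMIT"], e["DROP"], sorted(e["dests"])))
    return rows
```

A host with permitted hits reached a blocklisted address, which points to a missing security rule; a host with only dropped hits was contained by the firewall but still needs the antivirus scan.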

Botnet – Blacklists & Security rules

Summary